Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/o4gNodeDpB7mIqqFkXvgIXON5o4.roa
File: o4gNodeDpB7mIqqFkXvgIXON5o4.roa (raw, json)
Hash identifier: VEFOHS2M8RttgYszeB1w2W4v5nEejAFZct591Rvqxl8=
Subject key identifier: A3:88:0D:A1:D7:83:A4:1E:E6:22:AA:85:91:7B:E0:21:73:8D:E6:8E
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6617C3378674C225EE553A189B7212D8
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/o4gNodeDpB7mIqqFkXvgIXON5o4.roa
Signing time: Tue 05 Sep 2023 16:05:47 +0000
ROA not before: Tue 05 Sep 2023 16:05:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6616:df5c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:66:17:c3:37:86:74:c2:25:ee:55:3a:18:9b:72:12:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 5 16:05:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3880da1d783a41ee622aa85917be021738de68e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:78:f1:e8:1f:84:ce:cd:79:55:37:90:be:a8:
9c:9c:a2:e8:fb:b0:a6:db:38:73:42:c0:a0:96:c9:
3c:de:73:89:3f:9c:5b:cb:43:4c:93:23:af:d5:9b:
43:03:de:41:58:7c:99:cf:c2:29:31:37:bb:23:29:
d8:b1:2f:ed:53:f9:76:cc:5c:d3:44:9c:d6:cc:a5:
51:06:b1:9c:ee:e4:18:b7:c4:0f:e3:fb:16:7e:98:
cf:3c:94:7e:58:70:c0:0c:64:25:7d:6c:c4:aa:e1:
59:3d:e4:e3:96:cb:11:48:6b:95:9d:b9:50:37:eb:
68:e0:be:0a:61:f9:1c:b8:e0:21:b3:a6:a6:eb:5b:
ca:a9:ca:9d:e2:26:bb:dd:f5:00:3c:b3:dc:f0:c4:
43:ae:fc:61:55:85:7b:f3:32:86:74:5e:63:5f:95:
fb:50:d8:65:d1:1b:96:cd:dc:b5:7d:9b:67:d0:fd:
af:4f:71:66:25:7d:5f:18:aa:55:14:26:4c:21:07:
ff:cd:06:0d:35:0b:5e:a0:26:5c:68:a7:f7:42:8d:
8b:e4:0b:62:c9:a7:cb:0f:dd:55:40:32:19:2c:ee:
a0:25:e4:73:eb:20:a6:f4:e6:33:63:d6:c0:f1:3e:
d4:0b:b2:d7:20:26:2f:ae:2b:32:be:eb:37:3d:9b:
26:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:88:0D:A1:D7:83:A4:1E:E6:22:AA:85:91:7B:E0:21:73:8D:E6:8E
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/o4gNodeDpB7mIqqFkXvgIXON5o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:3e:4a:ef:eb:8e:fd:9e:88:63:1a:7d:07:f3:9b:a0:a1:8f:
cf:af:fd:59:30:0e:44:15:68:42:7f:fe:01:29:36:41:00:3d:
e2:bd:ee:d2:c9:9f:ad:9d:a4:c8:f9:e0:60:ef:f8:81:66:c2:
b9:9d:2b:32:ed:67:68:94:ac:11:0a:23:24:e3:32:f3:02:14:
6c:b2:7a:a8:26:ed:e7:7f:41:b5:58:81:41:f9:1e:4b:b4:ed:
ab:e5:e7:b0:d6:ac:46:e7:a8:0c:a3:17:2f:a6:a4:63:02:ee:
de:db:49:bd:6e:99:0c:da:f5:db:d4:3c:ab:49:3b:3d:d1:33:
c7:ca:14:56:62:19:63:5f:44:d9:6e:a6:20:e1:06:f2:da:05:
e7:94:c3:0b:01:3f:41:97:61:ab:c7:bc:09:a7:11:9a:fb:40:
f1:ea:a4:0f:7a:1b:fa:f8:b9:3b:7d:45:49:9e:c9:40:82:09:
70:fc:5d:67:06:eb:3a:e7:66:32:38:e2:53:74:f4:3d:80:9c:
67:a4:18:5c:8b:6e:dd:17:1a:39:fb:42:6e:b2:e8:5a:15:e5:
39:dd:5c:ce:8a:48:2b:9a:70:21:46:5c:9b:24:00:00:13:35:
b3:35:98:7f:c3:b6:a7:f5:76:2f:f5:b8:23:53:e5:61:b1:37:
4a:f6:91:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpmF8M3hnTCJe5VOhibchLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA1MTYwNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzg4MGRhMWQ3ODNhNDFlZTYyMmFhODU5MTdiZTAyMTczOGRlNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXjx6B+Ezs15VTeQvqicnKLo+7Cm
2zhzQsCglsk83nOJP5xby0NMkyOv1ZtDA95BWHyZz8IpMTe7IynYsS/tU/l2zFzT
RJzWzKVRBrGc7uQYt8QP4/sWfpjPPJR+WHDADGQlfWzEquFZPeTjlssRSGuVnblQ
N+to4L4KYfkcuOAhs6am61vKqcqd4ia73fUAPLPc8MRDrvxhVYV78zKGdF5jX5X7
UNhl0RuWzdy1fZtn0P2vT3FmJX1fGKpVFCZMIQf/zQYNNQteoCZcaKf3Qo2L5Ati
yafLD91VQDIZLO6gJeRz6yCm9OYzY9bA8T7UC7LXICYvrisyvus3PZsmxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKOIDaHXg6Qe5iKqhZF74CFzjeaOMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvbzRnTm9kZURwQjdtSXFxRmtYdmdJWE9ONW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADY+Su/rjv2eiGMafQfz
m6Chj8+v/VkwDkQVaEJ//gEpNkEAPeK97tLJn62dpMj54GDv+IFmwrmdKzLtZ2iU
rBEKIyTjMvMCFGyyeqgm7ed/QbVYgUH5Hku07avl57DWrEbnqAyjFy+mpGMC7t7b
Sb1umQza9dvUPKtJOz3RM8fKFFZiGWNfRNlupiDhBvLaBeeUwwsBP0GXYavHvAmn
EZr7QPHqpA96G/r4uTt9RUmeyUCCCXD8XWcG6zrnZjI44lN09D2AnGekGFyLbt0X
Gjn7Qm6y6FoV5TndXM6KSCuacCFGXJskAAATNbM1mH/Dtqf1di/1uCNT5WGxN0r2
kRA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:31:24 2025 by rpki-client